CentOS - Apr 2010 - ssh-agent

Yesterday or Friday, don't remember, I happened to be looking at my
processes on my machine, and discovered I had a number of ssh-agents
running (all mine), from different days. I killed all but the current
day's.

Now, I log out every single night.

I checked the next day, and sure enough, the one I started the previous
day was still running, and I could not only use ssh-add, and it worked. I
didn't think of it this morning until just now, but tomorrow I'll log
back
in, and see if I even need to use ssh-add.

If this is the case, I am not happy. This is, to me, a security hole, and
*not* what I expected, nor what the man page seems to lead me to believe.

Bug?

        mark

On Tue, 2010-04-06 at 09:57 -0400, m.roth at 5-cent.us
wrote:
> Yesterday or Friday, don't remember, I happened to be looking at my
> processes on my machine, and discovered I had a number of ssh-agents
> running (all mine), from different days. I killed all but the current
> day's.
> 
> Now, I log out every single night.
> 
> I checked the next day, and sure enough, the one I started the previous
> day was still running, and I could not only use ssh-add, and it worked. I
> didn't think of it this morning until just now, but tomorrow I'll
log back
> in, and see if I even need to use ssh-add.
> 
> If this is the case, I am not happy. This is, to me, a security hole, and
> *not* what I expected, nor what the man page seems to lead me to believe.
> 
> Bug?
> 
>         mark
I think that you may want some additional documentation on the use of
ssh and ssh-agent.  Try this link ( read all three parts of the
article ) and re-evaluate your conclusions.

http://www-106.ibm.com/developerworks/library/l-keyc.html

I have been using the keychain utility referenced in this series for
several years now, and I'm pretty happy with it.  As always, YMMV.

-- 
Ron Loftin                      reloftin at twcny.rr.com

"God, root, what is difference ?"       Piter from UserFriendly